ADEN: Anomaly Detection Engine for Networks

Abstract

The ADEN team completed its first project year with a successful evaluation of the preliminary version of its detection engine. The advancing availability of data had a major influence on the direction of our work. We started with public data from Wikipedia for adversary detection by content analysis. With the availability of the synthetic datasets generated by CERT, we refocused our work to address relational data. Finally, the more comprehensive SureView collected at Raytheon gives us the opportunity to extend our anomaly detection engine with the design of a Combined Codebook consisting of a mix of textual, relational, and network-oriented variables that may all be linked to identifying insider threat.

Document Details

Document Type
Technical Report
Publication Date
Jan 01, 2013
Accession Number
ADA598209

Entities

People

  • V. S. Subrahmanian

Organizations

  • University of Maryland

Tags

Communities of Interest

  • Energy and Power Technologies

DTIC Thesaurus Topics

  • Abstracts
  • Algorithms
  • Anomaly Detection
  • Availability
  • Change Detection
  • Computer Science
  • Data Sets
  • Detection
  • Detectors
  • Dimensionality Reduction
  • Indicators
  • Insider Threats
  • Literature Surveys
  • Security
  • Social Networks
  • Standards
  • Universities

Fields of Study

  • Computer science

Readers

  • Cybersecurity
  • Neural Network Machine Learning
  • Organizational Process Management (OPM)